Copyright JNT Association 2009 NorduNET, 18th September 2009 1

Protecting Privacy in Global Networks

Andrew Cormack
Chief Regulatory Adviser, JANET(UK)

What is Privacy, anyway?

Secret Dog

Same Dog

Lassie

Identification

Recognition

Attribute?

Secret

Real-world privacy leaks!

“Dog”

+ “Alsatian”

Real-world privacy leaks!

“Can pay”

+ Name

+ Affiliation

Real-world privacy leaks!

“Can drive”

+ Name

+ Date of Birth

+ Where born

+ Where living

+ Signature

= Theft kit

= Identity theft kit

On-line: can do better

Give me access

Save stuff for my next visit

Find me in other systems

Bill me? Punish me?

js56

cfa12e0b

How to use privacy tools?
• Real world experience is a poor guide
  – Don’t import “leak and label”
• Law may say how to use technology
  – “how fast can I drive in Denmark?”
  – “which side of the road?”

Lots of Privacy Law, but...
• Is amount of tax paid private data?

YES! NO!

Lots of Privacy Law, but...
• Is a web server log private data?

YES! NO!

Lots of Privacy Law, but...
• Who owns your private data?

ME! YOU!

Doing Privacy Right
• Privacy = “subject-controlled use”
• So, from that definition
  – Don’t cause loss of control
    • Either deliberately or accidentally
    • Data/use minimisation => risk minimisation
  – Tell subject what you will do
    • What uses they control and what they don’t
  – Build privacy into systems
    • Identification as last (exceptional) resort

Separation of Roles
• Separating identification is good
• Maybe separate credential issue too?
  – First get a (generic) on-line credential
  – Then use it to enrol with a particular service
  – As in PGP, sort of
• Result: SSO with better privacy
  – No “central database” of attributes or links
  – Services choose own enrolment standard
    • Up to limit set by credential issue/use
